HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

CRITICAL: Vanilla 2.1.8 released

1246

Comments

  • @Linc - that worked.. I swore I was on 2.1.7.

    Thanks!

  • @lament best avoid diffs.

    grep is your friend.

  • @x00 said:
    lament best avoid diffs.

    I would've been fine if I had just realized I wasn't on 2.1.7.

  • Hi - does this affect 2.0 users? My site is still on 2.0.18.14. Is there a patch I need to apply or a release available for the 2.0 series?

  • AdrianAdrian MVP
    edited January 2015

    @redterror, because we are longer releasing security updates for the 2.0 branch (as of December 2014) we recommend all users update to the 2.1 family.

  • Thanks for the reply. Just so I can judge the level of urgency here - does this bug affect the 2.0 series?

  • Updated, everything went better than expected :D

  • Hi all! So I went through the steps posted on this thread to update my 2.0.18.3 version of Vanilla to this 2.1.8 version (including deleting the helper_functions.php file) and it kept giving me an error message. A different one each time, including one showing a Vanilla-themed page saying "update failed" ... I tried it a few times, each time with an error message. Would the next step be to disable all my plug-ins and try again?

  • @adrial79 said:
    Hi all! So I went through the steps posted on this thread to update my 2.0.18.3 version of Vanilla to this 2.1.8 version (including deleting the helper_functions.php file) and it kept giving me an error message. A different one each time, including one showing a Vanilla-themed page saying "update failed" ... I tried it a few times, each time with an error message. Would the next step be to disable all my plug-ins and try again?

    Yes. You should have 2 files to delete if you are upgrading for 2.0.x to 2.1.x if I recall correctly. One is the 'default.master.php' and the other is the helper functions file you already deleted.

    Search first

    Check out the Documentation! We are always looking for new content and pull requests.

    Click on insightful, awesome, and funny reactions to thank community volunteers for their valuable posts.

  • @adrial79 Yes, definitely disable all plugins (except HTMLawed) especially when you're coming from 2.0.x

    And add this to your config:

    $Configuration['Debug'] = TRUE;
    

    to get the full error messages.

  • heliodonheliodon New
    edited January 2015

    I am upgrading from 2.0.18 to 2.1.8 p2. Over the last few days with helpful advice from @Bleistivt I have been able to get a clean install on my staging server.

    This morning I implemented the upgrade on my live server.This went well enough. I received the "success" notification and most pages seem to function well. However, when trying to view a discussion page the system delivers an empty page and I get the following error message:

    Fatal error: Call to undefined function mb_detect_encoding() in /home/crisr/public_html/discuss2/library/vendors/simplehtmldom/simple_html_dom.php on line 988--

    It seems that the new version of Vanilla requires an extension that is not enabled on my server. Is mb_detect part of the mbstring extension in PHP? I was able to find the mbstring extension enabled on my staging server but not on my live server (Apache, run by an academic department). Uncertain whether I can convince the live server administrator to implement the mbstring extension I am wondering if there is a workaround that would make the mbstring extension unnecessary?

  • Update: I found reference to mb_detect in this thread:

    http://vanillaforums.org/discussion/comment/179154#Comment_179154

    Following advice there I commented out the two lines referencing mb_detect and my discussion page content now loads. I am wondering now if there are unintended consequences from commenting out the lines?

  • I'll conjecture that you'll probably be OK with that commented out, but I'm not sure. I'd still try to get mbstring installed, mostly so upgrades aren't a pain. Lots of PHP apps use that extension.

  • adrial79adrial79
    edited January 2015

    Hey all!

    So I did everything that was suggested, I disabled all the plug-ins and got rid of the 2 files helper_functions.php and default.master.php.

    And dang! After I pressed continue after entering my database username, password, etc (from the "/index.php?p=/utility/update" screen), I waited a bit and then got an Internal Server Error ... http://screencast.com/t/XJpJ4FUG

    Then I went back to the page, entered all the info again, pressed continue and got this:
    Can't DROP 'FK_Comment_DiscussionID'; check that column/key exists|Gdn_Database|Query|drop index FK_Comment_DiscussionID on GDN_Comment

    What do I do now? So close! :) (Thank you so much for any help you can give!)

    [EDIT]

    I resubmitted again, and it looks like it took, but it doesn't seem to be tied to the previous database. It's starting from scratch with no posts. How do I tie it in?

  • LincLinc Admin
    edited January 2015

    @adrial79 Whoa, sounds like your config got overwritten? I hope you have a config.php backup. Change the database info lines in your new config to the ones from the backup. Or, you could use a MySQL tool (like phpMyAdmin) to export the old database into your new one and carry on.

    If you run into that FK_Comment_DiscussionID problem again, I'd try using a MySQL tool to remove any indexes on the GDN_Comment table. They should regenerate with a utility/update. Note this could be extremely time consuming on a million+ record table, so I don't recommend it in that scenario.

  • Whew, thanks Linc. I re-implemented the backup database and backup HTML files and it's back to where I was before I attempted the upgrade. So you think if I do all those same steps and then copy over just the config file, it'll work?

  • edited January 2015

    I'm running 2.1.6 and want to upgrade to 2.1.8. This is on a hosted account. I installed 2.1.6 through cPanel, which invokes the Softaculous package installer/manager.

    Now in Softaculous, there is a button which says Upgrade to version 2.8.1p2.

    It's tempting to press, but what are the odds that it is correct/safe?

    (In any case I will do the backups indicated at the head of this discussion.)

    Thanks

  • You might want to create a new discussion asking for experiences with Softaculous. Since someone doessomething in the background, it's hard to tell what will happen.
    But if you make a backup of your db and yourfiles, I'd say: why not? I would havethe faith that if they offer this service, they've tested it.

  • LincLinc Admin
    edited January 2015

    @adrial79 Let's take this a little slower this time. Go to /utility/structure and find the query or queries that caused the problem last time. Try copy/pasting it into a database manager like phpMyAdmin and try running it there. If that works, do the rest of them that talk about indexes or have FK_ in them. If all goes smoothly, go ahead and run /utility/update again.

    I'm not really sure what the issue is, but you've got a very weird situation here. If that doesn't work, I suggest restoring from backup again and making a separate database structure export (not contents) and either email it to me or start a new discussion with it, and we'll take a closer look at what's going on here.

Sign In or Register to comment.